When our tools don’t automatically detect and clean malicious code, that’s when we start our investigation process—and the majority of these research findings end up on the blog or as a Labs note. However, other times we update our tools to automatically detect and remediate the malware, then stash the code sample in our zoo […]
Tag Archives: Website Security
What is Cryptocurrency Mining Malware?
Before we get into the details of “Cryptocurrency Mining Malware”, we need to understand first what cryptocurrency is and what miners are. What is Cryptocurrency? Cryptocurrency is best thought of as digital currency and it only exists on computers. It is transferred between peers (there is no middleman like a bank). Transactions are then recorded […]
TimThumb Attacks: The Scale of Legacy Malware Infections
These days, we consider a malware campaign massive if it affects a couple thousand websites. However, back in the day when Sucuri first started its operations, the scale of infections was significantly larger — and it was quite typical to see hundreds of thousands of websites affected by the same malware. This was mostly because […]
How to Improve Ecommerce Security
If you have an ecommerce website, you are certainly concerned about its security. Business revenue depends on your online presence and having a website compromise is far from desirable. In order to have a successful ecommerce business, you need to follow the requirements outlined by the Payment Card Industry Data Security Standards (PCI DSS). The […]
Internet Cookies: What Are They and Are They Good or Bad?
Cookies! I LOVE Cookies. Oatmeal raisin are one of my particular favorite flavors. However, we’re not here to talk about baked goods as much as I’d love to. We’re here to talk about itty bitty little files stored on your local machine, also called cookies. We’ve often come across several users inquiring about what they […]
How Domain Expiration Can Potentially Disrupt Other Websites
A website owner recently reached out to us about a pop-up advertisement problem on their website which occurred any time someone clicked anywhere on the web page. This irritating pop-up didn’t come from malware placed in the website’s files or database, but rather from a single JavaScript source that the owner added to a widget: […]
The Largest DDoS Attacks & What You Can Learn From Them
A DDoS (Distributed Denial of Service) is an attack that focuses on making the website unavailable to its legitimate users. DDoS attacks can produce service interruptions, introduce large response delays, and cause various business losses. Denial-of-Service Attacks result in two ways —they either flood services or crash services. Attackers execute DDoS through computers and smart devices. […]
Sucuri Can Help Secure Your Client Websites
At Sucuri, we understand that most web professionals and web agencies ultimately need to make their clients part of the decision-making process for choosing to secure their sites. Overall, website security sounds like a good thing, but how do you position the value of Sucuri’s website security to clients who don’t know (or even care […]
What Hackers Do After Gaining Access to a Website
A hack or cyber attack is the act of maliciously entering, taking control over, or manipulating by force a web application, server, or file that belongs to someone else. Cyber attacks will: modify files, retrieve information, insert commands or scripts, change the way your website and Google Search Results look to visitors. What Do Hackers […]
How to Create a Website Maintenance Plan & Contract
In my years of experience working alongside agencies, I’ve realized that managed providers and other web pros who offer website maintenance to their clients, have a hard time convincing them on the value of managed services. It’s a common mindset. Much like the homeowner who is unwilling to invest in a rock solid insurance policy […]
